---
title: "FreeBSD 4.6-RELEASE/4.6.2-RELEASE Errata"
sidenav: download
---

++++


        <h3 class="CORPAUTHOR">The FreeBSD Project</h3>

        <p class="COPYRIGHT">Copyright &copy; 2000, 2001, 2002 by
        The FreeBSD Documentation Project</p>

        <p class="PUBDATE">$FreeBSD:
        src/release/doc/en_US.ISO8859-1/errata/article.sgml,v
        1.1.2.82 2002/09/16 23:08:45 bmah Exp $<br>
        </p>
        <hr>
      </div>

      <blockquote class="ABSTRACT">
        <div class="ABSTRACT">
          <a name="AEN11"></a>

          <p>This document lists errata items for FreeBSD
          4.6-RELEASE, containing significant information
          discovered after the release. This information includes
          security advisories, as well as news relating to the
          software or documentation that could affect its operation
          or usability. An up-to-date version of this document
          should always be consulted before installing this version
          of FreeBSD.</p>

          <p>Unless otherwise noted, items listed here also pertain
          to FreeBSD 4.6.2-RELEASE, which was designed to fix
          certain, specific problems in 4.6-RELEASE (see the
          release notes for more details).</p>

          <p>This errata document for FreeBSD 4.6-RELEASE will be
          maintained until the release of FreeBSD 4.7-RELEASE.</p>
        </div>
      </blockquote>

      <div class="SECT1">
        <hr>

        <h1 class="SECT1"><a name="AEN15">1 Introduction</a></h1>

        <p>This errata document contains ``late-breaking news''
        about FreeBSD 4.6-RELEASE. Before installing this version,
        it is important to consult this document to learn about any
        post-release discoveries or problems that may already have
        been found and fixed.</p>

        <p>Any version of this errata document actually distributed
        with the release (for example, on a CDROM distribution)
        will be out of date by definition, but other copies are
        kept updated on the Internet and should be consulted as the
        ``current errata'' for this release. These other copies of
        the errata are located at <a href=
        "http://www.FreeBSD.org/releases/" target=
        "_top">http://www.FreeBSD.org/releases/</a>, plus any sites
        which keep up-to-date mirrors of this location.</p>

        <p>Source and binary snapshots of FreeBSD 4-STABLE also
        contain up-to-date copies of this document (as of the time
        of the snapshot).</p>

        <p>For a list of all FreeBSD CERT security advisories, see
        <a href="http://www.FreeBSD.org/security/" target=
        "_top">http://www.FreeBSD.org/security/</a> or <a href=
        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/" target=
        "_top">ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/</a>.</p>
      </div>

      <div class="SECT1">
        <hr>

        <h1 class="SECT1"><a name="AEN26">2 Security
        Advisories</a></h1>

        <p>FreeBSD 4.6-RELEASE contains a fix for a bug described
        in security advisory SA-02:23 (which addressed the use of
        file descriptors by set-user-id or set-group-id programs).
        An error has been discovered in the bugfix; it is still
        possible for systems using <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=procfs&sektion=5&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">procfs</span>(5)</span></a> or <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=linprocfs&sektion=5&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">linprocfs</span>(5)</span></a> to be
        exploited. A revised version of security advisory <a href=
        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc"
         target="_top">FreeBSD-SA-02:23</a> contains a corrected
        bugfix. This problem was corrected in FreeBSD
        4.6.2-RELEASE.</p>

        <p>A buffer overflow in the resolver could be exploited by
        a malicious domain name server or an attacker forging DNS
        messages. This could potentially be used to force arbitrary
        code to run on a client machine with the privileges of a
        resolver-using application. See security advisory <a href=
        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:28.resolv.asc"
         target="_top">FreeBSD-SA-02:28</a> for more information
        and a fix. This problem was corrected in FreeBSD
        4.6.2-RELEASE.</p>

        <p>Badly-formed NFS packets could trigger a buffer overflow
        in <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=tcpdump&sektion=1&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">tcpdump</span>(1)</span></a>. For a fix to
        this problem, see security advisory <a href=
        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:29.tcpdump.asc"
         target="_top">FreeBSD-SA-02:29</a>. This problem was
        corrected in FreeBSD 4.6.2-RELEASE.</p>

        <p><a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=ktrace&sektion=1&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">ktrace</span>(1)</span></a> can be used to
        trace the operation of formerly-privileged processes. This
        is undesirable, as it is then possible to leak information
        obtained while these processes had elevated privileges. See
        security advisory <a href=
        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:30.ktrace.asc"
         target="_top">FreeBSD-SA-02:30</a> for a workaround and a
        fix. This problem was corrected in FreeBSD
        4.6.2-RELEASE.</p>

        <p>A race condition in <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=pppd&sektion=8&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">pppd</span>(8)</span></a> can be used to
        change the permissions of an arbitrary file. For more
        details, a workaround, and bugfix information, see security
        advisory <a href=
        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:32.pppd.asc"
         target="_top">FreeBSD-SA-02:32</a>. This problem was
        corrected in FreeBSD 4.6.2-RELEASE.</p>

        <p>Multiple buffer overflows have been discovered in <b
        class="APPLICATION">OpenSSL</b>. More details (including
        workarounds and bugfixes) can be found in security advisory
        <a href=
        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc"
         target="_top">FreeBSD-SA-02:33</a>. This problem was
        corrected in FreeBSD 4.6.2-RELEASE.</p>

        <p>A bug in the XDR decoder (used by Sun RPC) could result
        in a heap buffer overflow. Security advisory <a href=
        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:34.rpc.asc"
         target="_top">FreeBSD-SA-02:34</a> contains workaround and
        bugfix information. This problem was corrected in FreeBSD
        4.6.2-RELEASE.</p>

        <p>A bug that allowed local users, under certain
        circumstances, to read and write arbitrary blocks on an FFS
        filesystem has been corrected. More details can be found in
        security advisory
        <a href=
        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:35.ffs.asc"
         target="_top">FreeBSD-SA-02:35</a>, which contains a
        workaround and bugfix information. This problem was
        corrected in FreeBSD 4.6.2-RELEASE.</p>

        <p>A bug in the NFS server code could allow a remote denial
        of service attack. Security advisory <a href=
        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:36.nfs.asc"
         target="_top">FreeBSD-SA-02:36</a> has information on a
        fix and a workaround. This problem was corrected in FreeBSD
        4.6.2-RELEASE.</p>

        <p>A bug in <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=kqueue&sektion=2&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">kqueue</span>(2)</span></a> could allow
        local users to panic a system. Correction information is
        contained in security advisory <a href=
        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:37.kqueue.asc"
         target="_top">FreeBSD-SA-02:37</a>. This problem was
        corrected in FreeBSD 4.6.2-RELEASE.</p>

        <p>Several bounds-checking bugs in system calls could
        result in some system calls returning a large portion of
        kernel memory. More details can be found in security
        advisory <a href=
        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:38.signed-error.asc"
         target="_top">FreeBSD-SA-02:38</a>. This problem was
        corrected in time for FreeBSD 4.6.2-RELEASE, although not
        mentioned in the accompanying release documentation.</p>

        <p>A bug in <tt class="FILENAME">libkvm</tt> could result
        in some applications leaking file descriptors with access
        to potentially sensitive information. More details, as well
        as a bugfix and a workaround, can be found in security
        advisory <a href=
        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:39.libkvm.asc"
         target="_top">FreeBSD-SA-02:39</a>.</p>
      </div>

      <div class="SECT1">
        <hr>

        <h1 class="SECT1"><a name="AEN72">3 Late-Breaking
        News</a></h1>

        <p>In FreeBSD 4.6-RELEASE, the default maximum TCP window
        size was lowered from 65536 bytes to 57334 bytes, for
        better compatibility with some versions of <b class=
        "APPLICATION">IPFilter</b>.</p>

        <p>A recently-discovered interaction between the FreeBSD
        kernel and the <tt class="FILENAME">archivers/zip</tt> port
        can result in some errors on the alpha platform. A
        post-release fix has been committed to the FreeBSD ports
        tree; versions of the <tt class=
        "FILENAME">archivers/zip</tt> port beginning with 2.3_1
        will function correctly.</p>

        <p>On the alpha platform, the <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=de&sektion=4&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">de</span>(4)</span></a> and <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=txp&sektion=4&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">txp</span>(4)</span></a> drivers were moved
        from the boot kernel on the floppy images to modules on the
        <tt class="FILENAME">mfsroot</tt> floppy. This change was
        made in order to get the alpha kernel to fit onto the boot
        floppy. It should be transparent to all users, as <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">sysinstall</span>(8)</span></a> will
        automatically load any kernel modules it finds on the <tt
        class="FILENAME">mfsroot</tt> floppy.</p>

        <p>Several last-minute patches were made to the <tt class=
        "FILENAME">x11-servers/XFree86-4-Server</tt> package. These
        allow the various server configuration programs to give
        better support for the <tt class="FILENAME">sysmouse</tt>
        device supported by <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=moused&sektion=8&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">moused</span>(8)</span></a>. The binary
        packages on the CDROMs and the FTP sites incorporate this
        patch and bear the version number 4.2.0_3. However, the
        ports collection included in the distribution does not
        contain this patch. To get an updated version, use <b
        class="APPLICATION">CVSup</b> to obtain a more recent ports
        collection.</p>

        <p>Some FreeBSD/i386 users have experienced difficulties
        reading from certain ATA CDROM drives. Specific models on
        which this problem has been observed include the AOpen 48x,
        52x, and 56x CDROM drives, as well as the Mitsumi Slim
        CRMC-SR242S CDROM drive. A typical symptom is the following
        error message on the console and/or <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=dmesg&sektion=8&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">dmesg</span>(8)</span></a> buffer
        (sometimes accompanied by a kernel panic):</p>
<pre class="SCREEN">
    acd0: READ_BIG command timeout - resetting
    ata1: resetting devices .. done
</pre>

        <p>In some cases, this bug can prevent installation of
        FreeBSD from an affected CDROM drive. It can cause <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">sysinstall</span>(8)</span></a> to hang
        while extracting distribution files from CD media.</p>

        <p>A two-part workaround listed here has been shown to be
        helpful in some (but not necessarily all) cases. First, to
        allow a CDROM installation, it is necessary to modify the
        normal CDROM installation procedure:</p>

        <div class="PROCEDURE">
          <ol type="1">
            <li>
              <p>Start the computer with a FreeBSD installation
              CDROM in the drive.</p>
            </li>

            <li>
              <p>Wait for a console message similar to:</p>
<pre class="SCREEN">
    Hit [Enter] to boot immediately, or any other key for command prompt.
    Booting [kernel] in 9 seconds...
</pre>
            </li>

            <li>
              <p>Immediately interrupt the boot process by pressing
              the <b class="KEYCAP">Space</b> bar on the
              keyboard.</p>
            </li>

            <li>
              <p>Enter the following three lines at the <tt class=
              "LITERAL">ok</tt> prompt:</p>
<pre class="SCREEN">
    <tt class="PROMPT">ok</tt> <tt class=
"USERINPUT"><b>set hw.ata.ata_dma="1"</b></tt>
</pre>
<pre class="SCREEN">
    <tt class="PROMPT">ok</tt> <tt class=
"USERINPUT"><b>set hw.ata.atapi_dma="1"</b></tt>
</pre>
<pre class="SCREEN">
    <tt class="PROMPT">ok</tt> <tt class=
"USERINPUT"><b>boot</b></tt>
</pre>
            </li>

            <li>
              <p>Continue the installation as normal.</p>
            </li>
          </ol>
        </div>

        <p>The second part of the workaround takes place after
        completing the CDROM installation (or a successful source
        upgrade). It consists of configuring the <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">ata</span>(4)</span></a> driver so that
        future CDROM reads work correctly:</p>

        <div class="PROCEDURE">
          <ol type="1">
            <li>
              <p>Add the following two lines to <tt class=
              "FILENAME">/boot/loader.conf</tt> (creating this file
              if it does not already exist):</p>
<pre class="PROGRAMLISTING">
    hw.ata.ata_dma="1"
    hw.ata.atapi_dma="1"
</pre>
            </li>

            <li>
              <p>Reboot the machine.</p>
            </li>
          </ol>
        </div>

        <p>This problem was fixed in FreeBSD 4.7-PRERELEASE on 31
        July 2002, as well as FreeBSD 4.6.2-RELEASE.</p>

        <p>Due to a bug in the release generation process, some of
        the directories under <tt class=
        "FILENAME">/usr/share/examples</tt> are empty (most notably
        <tt class="FILENAME">/usr/share/examples/cvsup</tt>). A
        partial workaround is to install the <tt class=
        "FILENAME">sshare</tt> distribution via <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">sysinstall</span>(8)</span></a> (from the
        main menu, choose <span class=
        "GUIMENUITEM">Configure</span>, <span class=
        "GUIMENUITEM">Distributions</span>, <span class=
        "GUIMENUITEM">src</span>, then <span class=
        "GUIMENUITEM">share</span>). <tt class=
        "FILENAME">/usr/src/share/examples</tt> will then contain
        the missing files. This problem was corrected in FreeBSD
        4.7-PRERELEASE on 16 July 2002, as well as FreeBSD
        4.6.2-RELEASE.</p>

        <p>The item in the ``Filesystems'' section of the release
        notes contains a small grammatical error. It should read:
        ``A bug has been fixed in soft updates that could cause
        occasional filesystem corruption if the system is shut down
        immediately after performing heavy filesystem activities,
        such as installing a new kernel or other software.''</p>

        <p>Due to an omission, <tt class="COMMAND">pkg_add -r</tt>
        on 4.6-RELEASE or 4.6.2-RELEASE may attempt to fetch
        packages built for FreeBSD -STABLE, rather than for the
        appropriate release. As a workaround, set the <tt class=
        "VARNAME">PACKAGESITE</tt> environment variable
        appropriately before invoking <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=pkg_add&sektion=1&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">pkg_add</span>(1)</span></a>. For example,
        a <a href=
        "http://www.FreeBSD.org/cgi/man.cgi?query=csh&sektion=1&manpath=FreeBSD+4.6-stable">
        <span class="CITEREFENTRY"><span class=
        "REFENTRYTITLE">csh</span>(1)</span></a> user on
        4.6.2-RELEASE could use:</p>
<pre class="PROGRAMLISTING">
    <tt class="PROMPT">%</tt> <tt class=
"USERINPUT"><b>setenv PACKAGESITE \</b></tt>
    <tt class=
"USERINPUT"><b>ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4.6.2-release/Latest/</b></tt>
</pre>
      </div>
    </div>
    <hr>

    <p align="center"><small>This file, and other release-related
    documents, can be downloaded from <a href=
    "http://snapshots.jp.FreeBSD.org/">http://snapshots.jp.FreeBSD.org/</a>.</small></p>

    <p align="center"><small>For questions about FreeBSD, read the
    <a href="http://www.FreeBSD.org/docs.html">documentation</a>
    before contacting &#60;<a href=
    "mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>&#62;.</small></p>

    <p align="center"><small><small>All users of FreeBSD 4-STABLE
    should subscribe to the &#60;<a href=
    "mailto:stable@FreeBSD.org">stable@FreeBSD.org</a>&#62; mailing
    list.</small></small></p>

    <p align="center">For questions about this documentation,
    e-mail &#60;<a href=
    "mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>&#62;.</p>
    <br>
    <br>
++++


